Re: Why invalid credentials



<quote who="Keryx Info">
> Hi all!
>
> An LDAP newbie posting for the first time.
>
> I can't see why I get error 49 (bad credentials) trying to run ldapadd.
>
> My guess is it's a "sasl" thingie....

Nope, typo:

'uid=root,dc=lb,dc=labbnet,dc=ne,dc=keryx.se'

should be:

'uid=root,dc=lb,dc=labbnet,dc=ne,dc=keryx,dc=se'

Try that.

Also wrong in your /etc/ldap.conf file.

>
> I was following the tutorial at
> http://www.howtoforge.com/openldap_fedora7 but got nowhere.
>
> The goal is to set up ldap-authentication on a net of FC 7 clients and
> an FC 7 server.
>
> Config files:
>
> /etc/ldap.conf:
>
> HOST lb.labbnet.ne.keryx.se
> BASE dc=lb,dc=labbnet,dc=ne,dc=keryx.se
>
> ----------
> /etc/slapd.conf:
>
> include         /etc/openldap/schema/core.schema
> include         /etc/openldap/schema/cosine.schema
> include         /etc/openldap/schema/inetorgperson.schema
> include         /etc/openldap/schema/nis.schema
> pidfile         /var/run/openldap/slapd.pid
> argsfile        /var/run/openldap/slapd.args
> database        bdb
>
> # Only three lines changed by me
> suffix          "dc=lb,dc=labbnet,dc=ne,dc=keryx,dc=se"
> rootdn          "uid=root,dc=lb,dc=labbnet,dc=ne,dc=keryx,dc=se"
> rootpw      {CRYPT}tecdIjhx8TVq.
> # Temporary password - I will change it later!
>
> directory       /var/lib/ldap
> index objectClass                       eq,pres
> index ou,cn,mail,surname,givenname      eq,pres,sub
> index uidNumber,gidNumber,loginShell    eq,pres
> index uid,memberUid                     eq,pres,sub
> index nisMapName,nisMapEntry            eq,pres,sub
>
> -------------
> Output of "/usr/bin/ldapadd -x -D
> 'uid=root,dc=lb,dc=labbnet,dc=ne,dc=keryx.se' -W -f /root/ibunk.ldif -d
> 1":
>
> ldap_initialize( <DEFAULT> )
> filter: (objectclass=*)
> requesting: All userApplication attributes
> # extended LDIF
> #
> # LDAPv3
> # base <> with scope subtree
> # filter: (objectclass=*)
> # requesting: ALL
> #
>
> # search result
> search: 2
> result: 32 No such object
>
> # numResponses: 1
>
> -------------
> Output of /usr/bin/ldapadd -x -D
> 'uid=root,dc=lb,dc=labbnet,dc=ne,dc=keryx.se' -W -f /root/ibunk.ldif -d 1
> ldap_create
> Enter LDAP Password: <entered correctly>
> ldap_bind
> ldap_simple_bind
> ldap_sasl_bind
> ldap_send_initial_request
> ldap_new_connection 1 1 0
> ldap_int_open_connection
> ldap_connect_to_host: TCP lb.labbnet.ne.keryx.se:389
> ldap_new_socket: 4
> ldap_prepare_socket: 4
> ldap_connect_to_host: Trying 127.0.0.1:389
> ldap_connect_timeout: fd: 4 tm: -1 async: 0
> ldap_open_defconn: successful
> ldap_send_server_request
> ber_scanf fmt ({it) ber:
> ber_scanf fmt ({i) ber:
> ber_flush: 62 bytes to sd 4
> ldap_result ld 0x9631270 msgid 1
> ldap_chkResponseList ld 0x9631270 msgid 1 all 1
> ldap_chkResponseList returns ld 0x9631270 NULL
> wait4msg ld 0x9631270 msgid 1 (infinite timeout)
> wait4msg continue ld 0x9631270 msgid 1 all 1
> ** ld 0x9631270 Connections:
> * host: lb.labbnet.ne.keryx.se  port: 389  (default)
>    refcnt: 2  status: Connected
>    last used: Thu Sep 13 17:11:22 2007
>
> ** ld 0x9631270 Outstanding Requests:
>   * msgid 1,  origid 1, status InProgress
>     outstanding referrals 0, parent count 0
> ** ld 0x9631270 Response Queue:
>     Empty
> ldap_chkResponseList ld 0x9631270 msgid 1 all 1
> ldap_chkResponseList returns ld 0x9631270 NULL
> ldap_int_select
> read1msg: ld 0x9631270 msgid 1 all 1
> ber_get_next
> ber_get_next: tag 0x30 len 12 contents:
> read1msg: ld 0x9631270 msgid 1 message type bind
> ber_scanf fmt ({eaa) ber:
> read1msg: ld 0x9631270 0 new referrals
> read1msg:  mark request completed, ld 0x9631270 msgid 1
> request done: ld 0x9631270 msgid 1
> res_errno: 0, res_error: <>, res_matched: <>
> ldap_free_request (origid 1, msgid 1)
> ldap_free_connection 0 1
> ldap_free_connection: refcnt 1
> ldap_parse_result
> ber_scanf fmt ({iaa) ber:
> ber_scanf fmt (}) ber:
> ldap_msgfree
> ldap_err2string
> ldap_bind: Invalid credentials (49)
>
>
>
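A consistency check for the typo identified in the reply above, as an added example that is not part of the original thread: it compares the bind DN and the ldap.conf BASE against the suffix and rootdn in slapd.conf, which is the only way to spot the problem, since a bind to a DN the server does not recognise is answered with the same error 49 as a wrong password. The function names are this example's own, and the embedded sample is constructed from the values posted in the thread.

```python
import re

# Constructed sample input: the values posted in this thread.
SLAPD_CONF = '''
suffix          "dc=lb,dc=labbnet,dc=ne,dc=keryx,dc=se"
rootdn          "uid=root,dc=lb,dc=labbnet,dc=ne,dc=keryx,dc=se"
'''
LDAP_CONF = '''
HOST lb.labbnet.ne.keryx.se
BASE dc=lb,dc=labbnet,dc=ne,dc=keryx.se
'''
BIND_DN = "uid=root,dc=lb,dc=labbnet,dc=ne,dc=keryx.se"

def parse_dn(dn):
    """Split a DN into normalised (attr, value) RDNs; honours backslash-escaped commas."""
    rdns = []
    for part in re.split(r'(?<!\\),', dn.strip().strip('"\'')):
        attr, _, value = part.partition('=')
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return rdns

def directive(conf, name):
    """Return the value of the first matching config directive, or None."""
    m = re.search(r'^\s*%s\s+(.+?)\s*$' % re.escape(name), conf, re.I | re.M)
    return m.group(1) if m else None

def check(slapd_conf, ldap_conf, bind_dn):
    """Return findings that explain why a simple bind with bind_dn is rejected."""
    findings = []
    suffix = parse_dn(directive(slapd_conf, 'suffix'))
    rootdn = parse_dn(directive(slapd_conf, 'rootdn'))
    checked = (('bind DN', bind_dn), ('ldap.conf BASE', directive(ldap_conf, 'BASE')))
    for label, dn in checked:
        rdns = parse_dn(dn)
        for attr, value in rdns:
            # "dc=keryx.se" is one component, not the two the suffix expects.
            if attr == 'dc' and '.' in value:
                findings.append('%s: "dc=%s" is dotted; use one dc= per label' % (label, value))
        if rdns[-len(suffix):] != suffix:
            findings.append('%s is outside the slapd.conf suffix' % label)
    if parse_dn(bind_dn) != rootdn:
        findings.append('bind DN does not match rootdn')
    return findings

if __name__ == '__main__':
    for finding in check(SLAPD_CONF, LDAP_CONF, BIND_DN):
        print(finding)
```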